Conficker.C variant set for April 1st surprise, CA says

The third Conficker malware variant in infected machines is set to activate April 1, says the director of threat research at CA where the malware sample first discovered last week by Symantec is being examined.

"It's set to go off April 1, 2009 and Conficker will generate 50,000 URLS daily," says Don DeBolt, CA's director of threat research. Generating that many URLs is a way to hide where it may be calling to download instructions from those who designed it to infected machines. It's not known exactly what those instructions might be but it could involve downloading more malicious code or destroying files.

CA says it has some ideas about where Conflicker originated but isn't discussing that at present.

Copyright 2017 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.